Add simple RBAC chart
This is not a configurable, generic implementation. It is a starting point that will facilitate moving forward in the short term. Change-Id: I65b627b24e447dd218422f8807e04bc4e1cf6a55
This commit is contained in:
parent
47f142c5f2
commit
08a273c8cc
@ -0,0 +1,4 @@
|
||||
apiVersion: v1
|
||||
description: A chart to apply kubernetes RBAC permissions
|
||||
name: rbac
|
||||
version: 0.1.0
|
@ -0,0 +1,16 @@
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: generous-permissions
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: cluster-admin
|
||||
subjects:
|
||||
- kind: Group
|
||||
name: system:masters
|
||||
- kind: Group
|
||||
name: system:authenticated
|
||||
- kind: Group
|
||||
name: system:unauthenticated
|
@ -7,6 +7,7 @@ data:
|
||||
release_prefix: promenade
|
||||
chart_groups:
|
||||
- promenade-networking
|
||||
- promenade-rbac
|
||||
---
|
||||
schema: armada/ChartGroup/v1
|
||||
metadata:
|
||||
@ -19,6 +20,15 @@ data:
|
||||
- calico
|
||||
- kube-dns
|
||||
---
|
||||
schema: armada/ChartGroup/v1
|
||||
metadata:
|
||||
schema: metadata/Document/v1
|
||||
name: promenade-rbac
|
||||
data:
|
||||
description: core
|
||||
chart_group:
|
||||
- rbac
|
||||
---
|
||||
schema: armada/Chart/v1
|
||||
metadata:
|
||||
schema: metadata/Document/v1
|
||||
@ -69,3 +79,20 @@ data:
|
||||
location: /etc/kubernetes/armada-loader/assets/charts
|
||||
subpath: kube-dns
|
||||
dependencies: []
|
||||
---
|
||||
schema: armada/Chart/v1
|
||||
metadata:
|
||||
schema: metadata/Document/v1
|
||||
name: rbac
|
||||
data:
|
||||
chart_name: rbac
|
||||
release: rbac
|
||||
namespace: kube-system
|
||||
timeout: 600
|
||||
values: {}
|
||||
source:
|
||||
type: local
|
||||
location: /etc/kubernetes/armada-loader/assets/charts
|
||||
subpath: rbac
|
||||
dependencies: []
|
||||
...
|
||||
|
Loading…
Reference in New Issue
Block a user